That’s not going to work. The cas mgmt app and the cas server must share the same service registry [1]. In your case, they don’t. They are both isolated to their own memory space. You’ll need to use a registry option that allows sharing and one that provides persistence for you (DB, JSON, YAML, etc)
[1] http://jasig.github.io/cas/4.0.x/installation/Service-Management.html From: Thibault Huguet [mailto:[email protected]] Sent: Monday, June 8, 2015 12:06 PM To: [email protected] Subject: Re: [cas-user] help with org.jasig.cas.client.validation.ProxyList Sorry haven't told my version, i'm running 4.0.1 the service seems allowed to proxy, in my managementConfigContext.xml : <bean id="serviceRegistryDao" class="org.jasig.cas.services.InMemoryServiceRegistryDaoImpl"> <property name="registeredServices"> <util:list> <bean class="org.jasig.cas.services.RegexRegisteredService" p:id="2" p:name="PWM" p:serviceId="https://myserver.mydomain.com:8443/pwm/private/"; p:evaluationOrder="10000001" p:ssoEnabled="true" p:anonymousAccess="false" p:allowedToProxy="true" </util:list> </property> </bean> i can also see the service as allowed to proxy in the management web app, 2015-06-08 20:56 GMT+02:00 Misagh Moayyed <[email protected] <mailto:[email protected]> >: It’s because the service in your registry (svc mgmt) is set to disallow proxy. Set allowToProxy=true for that entry, assuming you’re running 3.5.x. From: Thibault Huguet [mailto:[email protected] <mailto:[email protected]> ] Sent: Monday, June 8, 2015 10:07 AM To: [email protected] <mailto:[email protected]> Subject: [cas-user] help with org.jasig.cas.client.validation.ProxyList Hello, i'm trying to setup CAS for PWM. in my clearpass-configuration.xml i have those beans as per the doc: <bean id="casValidationFilter" class="org.jasig.cas.client.validation.Cas20ProxyReceivingTicketValidationFilter" p:serverName="${server.name <http://server.name> }" p:exceptionOnValidationFailure="false" p:useSession="true" p:ticketValidator-ref="clearPassTicketValidator" /> <bean id="clearPassTicketValidator" class="org.jasig.cas.client.validation.Cas20ProxyTicketValidator" c:casServerUrlPrefix="${server.prefix}" p:allowedProxyChains-ref="clearPassProxyList" /> <bean id="clearPassProxyList" class="org.jasig.cas.client.validation.ProxyList"> <constructor-arg> <list> <value>https://myserver.mydomain.com:8443/pwm/private/</value> </list> </constructor-arg> </bean> i also tried moving the clearPassProxyList to deployerconfig.xml as per some doc says to. I can also see https://myserver.mydomain.com:8443/pwm/private/ as allowed to everything but anonymous access in the service management webapp. Anyway, when i try to log into pwm, after a successfull cas login i end up with this error: "javax.servlet.ServletException: org.jasig.cas.client.validation.TicketValidationException: The supplied service 'https://myserver.mydomain.com:8443/pwm/private/' is not authorized to use CAS proxy authentication" is error due to not beeing autorized in the cas service management or in the clearPassProxyList? Does anyone know what my mistake is? regards, Thib -- You are currently subscribed to [email protected] <mailto:[email protected]> as: [email protected] <mailto:[email protected]> To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user -- You are currently subscribed to [email protected] <mailto:[email protected]> as: [email protected] <mailto:[email protected]> To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user -- Cordialement, Thibault Huguet www.dacave.fr <http://www.dacave.fr> -- You are currently subscribed to [email protected] <mailto:[email protected]> as: [email protected] <mailto:[email protected]> To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
